n2rng.h revision 4df55fde49134f9735f84011f23a767c75e393c7
4496171313bed39e96f21bc2f9faf2868e267ae3girish * CDDL HEADER START
4496171313bed39e96f21bc2f9faf2868e267ae3girish * The contents of this file are subject to the terms of the
4496171313bed39e96f21bc2f9faf2868e267ae3girish * Common Development and Distribution License (the "License").
4496171313bed39e96f21bc2f9faf2868e267ae3girish * You may not use this file except in compliance with the License.
4496171313bed39e96f21bc2f9faf2868e267ae3girish * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
4496171313bed39e96f21bc2f9faf2868e267ae3girish * See the License for the specific language governing permissions
4496171313bed39e96f21bc2f9faf2868e267ae3girish * and limitations under the License.
4496171313bed39e96f21bc2f9faf2868e267ae3girish * When distributing Covered Code, include this CDDL HEADER in each
4496171313bed39e96f21bc2f9faf2868e267ae3girish * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
4496171313bed39e96f21bc2f9faf2868e267ae3girish * If applicable, add the following below this CDDL HEADER, with the
4496171313bed39e96f21bc2f9faf2868e267ae3girish * fields enclosed by brackets "[]" replaced with your own identifying
4496171313bed39e96f21bc2f9faf2868e267ae3girish * information: Portions Copyright [yyyy] [name of copyright owner]
4496171313bed39e96f21bc2f9faf2868e267ae3girish * CDDL HEADER END
e3d6ebc24700cc84a56f7c08c0ec5fb9564a759bAn Bui * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
4496171313bed39e96f21bc2f9faf2868e267ae3girish * Use is subject to license terms.
4496171313bed39e96f21bc2f9faf2868e267ae3girish/* skip following stuff when included in n2rng_hcall.s */
4496171313bed39e96f21bc2f9faf2868e267ae3girish#endif /* !_ASM */
4496171313bed39e96f21bc2f9faf2868e267ae3girishextern "C" {
741c280d5486676df48cd5d5e8ed8d92eac714a8twelketypedef enum {
4496171313bed39e96f21bc2f9faf2868e267ae3girishtypedef union n2rngctl {
4496171313bed39e96f21bc2f9faf2868e267ae3girishtypedef struct {
4496171313bed39e96f21bc2f9faf2868e267ae3girish * Our contiguous memory alignment requirement is
4496171313bed39e96f21bc2f9faf2868e267ae3girish * only for 8 bytes, however contig mem allocation
4496171313bed39e96f21bc2f9faf2868e267ae3girish * routines requirement minimum of 64.
4496171313bed39e96f21bc2f9faf2868e267ae3girish * Returns 1 only if the address range of a variable of type type at
4496171313bed39e96f21bc2f9faf2868e267ae3girish * ptr falls entirely on one page. Based on page size of 4K. May
4496171313bed39e96f21bc2f9faf2868e267ae3girish * give some false negatives on larger page sizes.
4496171313bed39e96f21bc2f9faf2868e267ae3girish (((((uint64_t)(ptr)) ^ ((uint64_t)(ptr) + sizeof (type) -1)) \
4496171313bed39e96f21bc2f9faf2868e267ae3girish * The RNG hardware can send certain internal analog signals to an
4496171313bed39e96f21bc2f9faf2868e267ae3girish * external pin on the chip. Setting the rnc_anlg_sel bit to
4496171313bed39e96f21bc2f9faf2868e267ae3girish * N2RNG_NOANALOGOUT deselects all analog signals (perhaps selects
4496171313bed39e96f21bc2f9faf2868e267ae3girish * ground). Choosing any other value would aid an attacker with
4496171313bed39e96f21bc2f9faf2868e267ae3girish * physical access to the chip.
4496171313bed39e96f21bc2f9faf2868e267ae3girish * There can only be N2_RNG_FIPS_INSTANCES concurrent RNG requsts from
4496171313bed39e96f21bc2f9faf2868e267ae3girish * the framework. Making this value large helps benchmarks. It
4496171313bed39e96f21bc2f9faf2868e267ae3girish * should probably come from a conf file, but for now it is hard
4496171313bed39e96f21bc2f9faf2868e267ae3girish * coded. The code computes i % N2RNG_FIPS_INSTANCES, which is more
4496171313bed39e96f21bc2f9faf2868e267ae3girish * efficient when N2RNG_FIPS_INSTANCES is a power of 2.
4496171313bed39e96f21bc2f9faf2868e267ae3girish uint64_t entropyhunger; /* RNGs generated with no entropy */
4496171313bed39e96f21bc2f9faf2868e267ae3girish uint32_t XKEY[6]; /* one extra word for getentropy */
4496171313bed39e96f21bc2f9faf2868e267ae3girishtypedef struct {
4496171313bed39e96f21bc2f9faf2868e267ae3girish * volatile, since it is not protected by a mutex. (That is
4496171313bed39e96f21bc2f9faf2868e267ae3girish * okay since it is operated on and accessed via atomic ops.)
4496171313bed39e96f21bc2f9faf2868e267ae3girish volatile unsigned int fips_round_robin_j;
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke * Device flags (n2rng_t.n_flags)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_setcontrol(n2rng) ((n2rng)->n_flags |= N2RNG_CONTROL)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_clrcontrol(n2rng) ((n2rng)->n_flags &= ~N2RNG_CONTROL)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_iscontrol(n2rng) ((n2rng)->n_flags & N2RNG_CONTROL)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_setfailed(n2rng) ((n2rng)->n_flags |= N2RNG_FAILED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_clrfailed(n2rng) ((n2rng)->n_flags &= ~N2RNG_FAILED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_isfailed(n2rng) ((n2rng)->n_flags & N2RNG_FAILED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_setconfigured(n2rng) ((n2rng)->n_flags |= N2RNG_CONFIGURED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_clrconfigured(n2rng) ((n2rng)->n_flags &= ~N2RNG_CONFIGURED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_isconfigured(n2rng) ((n2rng)->n_flags & N2RNG_CONFIGURED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_setinitialized(n2rng) ((n2rng)->n_flags |= N2RNG_INITIALIZED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_clrinitialized(n2rng) ((n2rng)->n_flags &= ~N2RNG_INITIALIZED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_isinitialized(n2rng) ((n2rng)->n_flags & N2RNG_INITIALIZED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_setregistered(n2rng) ((n2rng)->n_flags |= N2RNG_REGISTERED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_clrregistered(n2rng) ((n2rng)->n_flags &= ~N2RNG_REGISTERED)
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define n2rng_isregistered(n2rng) ((n2rng)->n_flags & N2RNG_REGISTERED)
4496171313bed39e96f21bc2f9faf2868e267ae3girishtypedef struct {
4496171313bed39e96f21bc2f9faf2868e267ae3girishtypedef n2rng_osc_perf_t n2rng_osc_perf_table_t[N2RNG_NOSC][N2RNG_NBIASES];
741c280d5486676df48cd5d5e8ed8d92eac714a8twelketypedef struct {
741c280d5486676df48cd5d5e8ed8d92eac714a8twelketypedef struct {
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke uint64_t n_rng_state; /* as last known in this drvr. */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelketypedef struct {
4496171313bed39e96f21bc2f9faf2868e267ae3girishtypedef struct n2rng {
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke rng_ctl_data_t *n_ctl_data; /* Only valid in ctl domain */
e3d6ebc24700cc84a56f7c08c0ec5fb9564a759bAn Buitypedef kstat_named_t n2rng_kstat_bias_t[N2RNG_MAX_RNGS][N2RNG_NOSC];
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define RNG_DIAG_CHUNK_SIZE (N2RNG_MAX_READ / 8) /* as words */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define RNG_RETRY_HLCHK_USECS 100000 /* retry every .1 seconds */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define RNG_CFG_RETRY_SECS 60 /* seconds between cfg retries */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define RNG_DEFAULT_HC_SECS 0 /* seconds between health checks */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke#define RNG_EXTRA_WATCHDOG_SECS 60 /* added to hc time for watchdog */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeint n2rng_noise_gen_preferred(n2rng_t *n2rng, int rngid);
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeint n2rng_collect_diag_bits(n2rng_t *n2rng, int rngid,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke n2rng_setup_t *collect_setupp, void *buffer, int numbytes,
4496171313bed39e96f21bc2f9faf2868e267ae3girishint n2rng_getentropy(n2rng_t *n2rng, void *buffer, size_t size);
4496171313bed39e96f21bc2f9faf2868e267ae3girishint n2rng_fips_random_init(n2rng_t *n2rng, fipsrandomstruct_t *frsp);
4496171313bed39e96f21bc2f9faf2868e267ae3girishvoid n2rng_fips_random_fini(fipsrandomstruct_t *frsp);
4496171313bed39e96f21bc2f9faf2868e267ae3girishvoid n2rng_renyi_entropy(uint64_t *buffer, int log2samples,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeuint64_t n2rng_read_ctl(n2rng_t *n2rng, int rngid, uint64_t ctlregs_pa,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke uint64_t *state, uint64_t *tdelta, uint64_t *wdelta);
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeuint64_t n2rng_ctl_write(n2rng_t *n2rng, int rngid, uint64_t ctlregs_pa,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke uint64_t newstate, uint64_t wtimeout, uint64_t *tdelta);
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeuint64_t n2rng_data_read_diag(n2rng_t *n2rng, int rngid, uint64_t data_pa,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkevoid n2rng_config_retry(n2rng_t *n2rng, clock_t seconds);
4496171313bed39e96f21bc2f9faf2868e267ae3girish#if defined(DEBUG)
4496171313bed39e96f21bc2f9faf2868e267ae3girish#define DMOD 0x00000040 /* _init/_fini/_info/attach/detach */
4496171313bed39e96f21bc2f9faf2868e267ae3girish#define DENTRY 0x00000080 /* crypto routine entry/exit points */
4496171313bed39e96f21bc2f9faf2868e267ae3girish#define DBGCALL(flag, func) { if (n2rng_dflagset(flag)) (void) func; }
4496171313bed39e96f21bc2f9faf2868e267ae3girishvoid n2rng_dprintf(n2rng_t *, int, const char *, ...);
4496171313bed39e96f21bc2f9faf2868e267ae3girishvoid n2rng_dumphex(void *, int);
4496171313bed39e96f21bc2f9faf2868e267ae3girish#else /* !defined(DEBUG) */
4496171313bed39e96f21bc2f9faf2868e267ae3girish#define DBG5(vca, lvl, fmt, arg1, arg2, arg3, arg4, arg5)
4496171313bed39e96f21bc2f9faf2868e267ae3girish#define DBG6(vca, lvl, fmt, arg1, arg2, arg3, arg4, arg5, arg6)
4496171313bed39e96f21bc2f9faf2868e267ae3girish#endif /* !defined(DEBUG) */
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkevoid n2rng_dipverror(dev_info_t *, const char *, va_list);
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeuint64_t hv_rng_ctl_read(uint64_t ctlregs_pa, uint64_t *state,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelkeuint64_t hv_rng_ctl_read_v2(uint64_t ctlregs_pa, uint64_t rngid,
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke uint64_t *state, uint64_t *tdelta, uint64_t *wdelta, uint64_t *wstate);
4496171313bed39e96f21bc2f9faf2868e267ae3girish uint64_t newstate, uint64_t wtimeout, uint64_t *tdelta);
741c280d5486676df48cd5d5e8ed8d92eac714a8twelke uint64_t newstate, uint64_t wtimeout, uint64_t rngid);
4496171313bed39e96f21bc2f9faf2868e267ae3girishuint64_t hv_rng_data_read(uint64_t data_pa, uint64_t *tdelta);
4496171313bed39e96f21bc2f9faf2868e267ae3girish#endif /* _KERNEL */
4496171313bed39e96f21bc2f9faf2868e267ae3girish#endif /* !_ASM */
4496171313bed39e96f21bc2f9faf2868e267ae3girish#endif /* _SYS_N2RNG_H */